Date: Mon, 17 Jul 2000 16:54:54 +0200
From: Mark Murray <mark@grondar.za>
To: "Louis A. Mamakos" <louie@TransSys.COM>
Cc: current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak
Message-ID: <200007171454.QAA00856@grimreaper.grondar.za>
In-Reply-To: <200007171319.JAA04774@whizzo.transsys.com> ; from "Louis A. Mamakos" <louie@TransSys.COM> "Mon, 17 Jul 2000 09:19:25 -0400."
References: <200007171319.JAA04774@whizzo.transsys.com>

> > I agree that it is not (very) random; however clock jitter and keystroke
> > timing can help thwart the bad guys...
>
> But do please keep in mind that many of my FreeBSD platforms have neither
> keyboard nor mouse. And for the ones that do, they tend not to get used
> until long after the system boots. It's essential that the randomness
> harvesting also be driven off of other events, such as network interface
> or storage system interrupts for these environments.

Agreed. I have already committed a "persistent" entropy cache that reseeds
the random device on reboot.

> In fact, it would be rather interesting to have a configuration flag which
> always forces something like an fsck on a file system in order to provide
> some entropy to the random device. Or some other user-exposed way of
> providing entropy. I might have some data on disk, or some network
> operations which can be performed to help seed the entropy pool.

I'm (er, phk is) looking at hooking namei() in some way. I'm also going
to hook the networking stack.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message